Privacy Compliance Manager

Job Info

May 12, 2022

106750

Posting Expiration Date: Aug 12, 2022

Schedule Type: Full-Time

Organization: Business Ethics & Compliance

Department: Privacy Compliance

Section: BEC Privacy

Location: NY-New York-4 Irving Pl Headquarters

Job Description

Mission Statement

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.

Core Responsibilities

  • The Section Manager of the Privacy Compliance team reports to the Chief Privacy Officer and is responsible for managing the day-to-day functions of the privacy compliance program, including management of a team of two, ensuring individual data privacy rights and obligations are met by providing advice and guidance to company organizations and teams regarding applicable federal and state laws, rules, regulations, as well as internal policies.
  • With expertise in applicable and emerging data privacy laws, rules, regulations, and industry standards, assist the Chief Privacy Officer in implementing a strong privacy program across the company by acting as an ambassador and promoter of data privacy and protection principles, as well as sharing knowledge and expertise with newer members of the Privacy Compliance team.
  • Once established, manage the day-to-day functions of the privacy program, including managing a team of two specialists with special focus on development of talent and increased privacy expertise amongst the team.
  • Participate in and provide guidance based on Privacy by Design principles to the Privacy Impact Assessments (PIAs) process and other new system/application architecture reviews for new or enhanced technologies, offering improvements to applicable processes where appropriate.
  • Participate in and provide guidance on appropriate data sharing and handling to the Vendor Risk Assessments (VRAs) process, offering improvements to the process where appropriate.
  • Determine notification obligations to individuals and regulators in partnership with Privacy Legal resulting from incidents involving data breaches, as well as providing quality reviews of individual documentation maintained by Information Security teams.
  • Develop privacy-related training content in partnership with compliance training teams, delivering targeted in-person training where opportunities are identified for high risk business organizations.
  • Enhance privacy awareness and knowledge across the organization by partnering with communications teams to develop privacy-related content and regular delivery frequencies, utilizing multiple available channels and methods.
  • Perform other related tasks and assignments as required.

Required Education/Experience

  • Bachelor's Degree And a minimum eight years of work experience Or
  • Master's Degree And a minimum six years of work experience

Required Work Experience

  • Minimum five years of experience in a privacy-related role in operations, risk management and/or compliance, preferably acting in management capacity and with experience in direct/indirect supervision of staff and designing and/or implementing privacy compliance program elements. Required
  • Strong ability to communicate clearly and effectively with all levels of the organization, exhibiting skills to effect change when needed. Required
  • Effective time management experience balancing competing deliverables and raising concerns and risks to management timely. Required
  • Accustomed to working in a quickly-changing environment amongst multiple stakeholders with diverse goals. Required
  • Working proficiency with all Microsoft products. Req

Licenses & Certifications

  • Driver's License Required
  • Other: IAPP CIPP-US certification Preferred

Other Physical Demands

  • Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.
  • Must be able and willing to travel within Company service territory, as needed.

Technical Difficulty Statement

Equal Opportunity Employer

  • Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.

SHARE: